过滤器的应用之自动登录--filter(三)
来源:互联网 发布:js判断有没有class 编辑:程序博客网 时间:2024/05/13 11:53
实现用户自动登陆的过滤器
原理:在用户登陆成功后,以cookis形式发送用户名、密码给客户端
编写一个过滤器,filter方法中检查cookie中是否带有用户名、密码信息,如果存在则调用业务层登陆方法,登陆成功后则向session中存入user对象(即用户登陆标记),以实现程序完成自动登陆
package com.jjyy.web;import java.io.IOException;import java.sql.SQLException;import javax.servlet.ServletException;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.commons.dbutils.QueryRunner;import org.apache.commons.dbutils.handlers.BeanHandler;import com.jjyy.domain.User;import com.jjyy.util.DaoUtils;import com.jjyy.util.MD5Utils;public class LoginServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {//1.获取用户名密码String name = request.getParameter("name");String password = MD5Utils.md5(request.getParameter("password"));//2.校验用户名密码String sql = "select * from user where name = ? and password = ? ";User user = null;try {QueryRunner runner = new QueryRunner(DaoUtils.getSource());user = runner.query(sql, new BeanHandler<User>(User.class),name,password);} catch (SQLException e) {e.printStackTrace();}if(user == null){response.getWriter().write("用户名密码不正确");return;}else{//3.登录用户request.getSession().setAttribute("user", user);// 如果用户勾选过30天内自动登陆,发送自动登陆cookieif("true".equals(request.getParameter("autologin"))){Cookie autologinC = new Cookie("autologin",user.getName()+":"+user.getPassword());autologinC.setPath(request.getContextPath());autologinC.setMaxAge(3600*24*30);response.addCookie(autologinC);}//4.重定向到主页response.sendRedirect(request.getContextPath()+"/index.jsp");}}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}
package com.jjyy.web;import java.io.IOException;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;public class LogoutServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {if(request.getSession(false)!=null){request.getSession().invalidate();}response.sendRedirect(request.getContextPath()+"/index.jsp");}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}
package com.jjyy.domain;import java.io.Serializable;public class User implements Serializable {private int id;private String name;private String password;private String role;public int getId() {return id;}public void setId(int id) {this.id = id;}public String getName() {return name;}public void setName(String name) {this.name = name;}public String getPassword() {return password;}public void setPassword(String password) {this.password = password;}public String getRole() {return role;}public void setRole(String role) {this.role = role;}}
package com.jjyy.filter;import java.io.IOException;import java.sql.SQLException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.xml.registry.infomodel.User;import org.apache.commons.dbutils.QueryRunner;import org.apache.commons.dbutils.handlers.BeanHandler;import com.jjyy.util.DaoUtils;/** * autoLoginFilter * @author JiangYu * */public class AutoLoginFilter implements Filter {public void destroy() {}public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {HttpServletRequest req = (HttpServletRequest) request;HttpServletResponse resp = (HttpServletResponse) response;//1.只有未登录的用户才能自动登陆if(req.getSession(false)==null || req.getSession().getAttribute("user")==null){//2.只有带了自动登陆cookie的用户才能自动登陆Cookie [] cs = req.getCookies();Cookie findC = null;if(cs!=null){for(Cookie c : cs){if("autologin".equals(c.getName())){findC = c;break;}}}if(findC!=null){//3.自动登录Cookie中保存的用户名密码都需要是正确的才能自动登陆String name = findC.getValue().split(":")[0];String password= findC.getValue().split(":")[1];String sql = "select * from user where name = ? and password = ? ";User user = null;try {QueryRunner runner = new QueryRunner(DaoUtils.getSource());user = runner.query(sql, new BeanHandler<User>(User.class),name,password);} catch (SQLException e) {e.printStackTrace();}if(user!=null){req.getSession().setAttribute("user", user);}}}//无论是否自动登陆,都放行资源chain.doFilter(request, response);}public void init(FilterConfig arg0) throws ServletException {}}
package com.jjyy.filter;import java.io.IOException;import java.io.UnsupportedEncodingException;import java.util.Map;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletRequestWrapper;public class EncodeFilter implements Filter {private FilterConfig config = null;private String encode = null;public void destroy() {}public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {//响应的乱码处理response.setContentType("text/html;charset=utf-8");//装饰chain.doFilter(new MyHttpServletRequest((HttpServletRequest)request), response);}public void init(FilterConfig filterConfig) throws ServletException {this.config = filterConfig;this.encode = config.getInitParameter("encode")==null?"utf-8":config.getInitParameter("encode");}//请求乱码的处理class MyHttpServletRequest extends HttpServletRequestWrapper{private HttpServletRequest request = null;boolean isNotEncode = true;public MyHttpServletRequest(HttpServletRequest request) {super(request);this.request = request;}@Overridepublic Map getParameterMap() {try {if(request.getMethod().equalsIgnoreCase("POST")){request.setCharacterEncoding(encode);return request.getParameterMap();}else if(request.getMethod().equalsIgnoreCase("GET")){//request.getParameterMap()第一次会解决,然后缓存起来//request.getParameterMap()第二次直接从缓存中的mapMap<String,String[]> map = request.getParameterMap();if(isNotEncode){for(Map.Entry<String, String[]> entry:map.entrySet()){String [] vs = entry.getValue();for(int i=0;i<vs.length;i++){vs[i]= new String(vs[i].getBytes("iso8859-1"),encode);}}isNotEncode = false;}return map;}else{return request.getParameterMap();}} catch (UnsupportedEncodingException e) {e.printStackTrace();}return super.getParameterMap();}@Overridepublic String getParameter(String name) {return getParameterValues(name)==null?null:getParameterValues(name)[0];}@Overridepublic String[] getParameterValues(String name) {return (String[])getParameterMap().get(name);}}}
package com.jjyy.util;import java.math.BigInteger;import java.security.MessageDigest;import java.security.NoSuchAlgorithmException;public class MD5Utils {public static String md5(String plainText) {byte[] secretBytes = null;try {secretBytes = MessageDigest.getInstance("md5").digest(plainText.getBytes());} catch (NoSuchAlgorithmException e) {throw new RuntimeException("没有md5这个算法!");}String md5code = new BigInteger(1, secretBytes).toString(16);for (int i = 0; i < 32 - md5code.length(); i++) {md5code = "0" + md5code;}return md5code;}}
package com.jjyy.util;import java.sql.Connection;import java.sql.SQLException;import javax.sql.DataSource;import com.mchange.v2.c3p0.ComboPooledDataSource;public class DaoUtils {private static DataSource source = new ComboPooledDataSource();private DaoUtils() {}public static DataSource getSource(){return source;}public static Connection getConn(){try {return source.getConnection();} catch (SQLException e) {e.printStackTrace();throw new RuntimeException(e);}}}
0 0
- 过滤器的应用之自动登录--filter(三)
- 过滤器(Filter)应用之------设置页面缓存、用户的自动登录和敏感词过滤
- filter过滤器之自动登录代码
- 过滤器Filter的应用:登录验证
- JavaWeb-过滤器Filter学习(三)实现用户的自动登录与IP黑名单过滤
- Filter过滤器实现自动登录
- Filter过滤器实现自动登录
- 过滤器Filter的案例2——自动登录
- Filter过滤器的应用--拦截未登录用户
- Filter实际应用--检查用户是否登录的过滤器
- filter 过滤器实现自动登录功能
- Filter过滤器周期、自动登录、编码、
- HBase学习之三: hbase filter(过滤器)和coprocessor(协处理器)统计行数的简单应用
- 6Filter应用5实现用户自动登陆的过滤器
- Filter-过虑器应用之4-用户自动登录
- JAVAWEB开发之Servlet Filter(过滤器)详解包括post和get编码过滤器、URL访问权限控制、自动登录。以及装饰模式的使用
- Filter过滤器+cookie实现自动登录和安全登录
- 【SSO】--单点登录之过滤器(filter)
- 第一次写博客
- 彻底理解PHP的SESSION机制
- 设计模式(Design Patterns)
- 自控力
- 12、IOS GitHub 上排名前 100 的 Objective-C 项目简介
- 过滤器的应用之自动登录--filter(三)
- 数据结构与算法002: 最小生成树
- linux svn启动和关闭
- 您所查找的页面无法显示,因为使用了无效的方法(HTTP 动作)进行访问
- Quagga使用笔记1
- LR_EXIT函数的学习
- 端口映射---将局域网本地ip地址映射到外网
- Affymetrix芯片分析:获取差异表达基因系列一
- fragment的使用